A TLS connection is represented as a struct tls
object called a “context”. A new context is created by either
the tls_client() or
tls_server() functions.
tls_client() is used in TLS client programs,
tls_server() in TLS server programs.

The context can then be configured with the function
tls_configure(). The same
tls_config object can be used to configure
multiple contexts.

After use, a TLS context should be closed with
tls_close(3), and then freed
by calling tls_free(). If
tls_free() is called with an argument of
NULL, no action occurs.

A TLS context can be reset by calling tls_reset(),
allowing for it to be reused. This is essentially equivalent to calling
tls_free(), followed by a call to the same
function that was used to originally allocate the TLS context.